ATM it seems that if someone has access to the 'personal' tab, then they can see everything about that person.
So when the person organizing morning tea is working on the roster and wants to ring someone to check a detail, they end up seeing the volunteers birthday, marital status, etc. Not good!
Could we somehow ad an access permission that says 'directory details only'? Perhaps that would limit organisers to only the public domain information.
Or it's quite possible we can already do that and I just haven't sorted it out.
Thanks for the post.
You can lockdown custom fields to specific access permissions, but can not lockdown the built in fields at this stage.
There is a feature request for this, and I've added your support to this request.
Hope this helps,